[jira] [Commented] (CLOUDSTACK-10166) Cannot add a tag to a NetworkACL (rule not list) in CS with a user in a project or in an account

Thu, 30 Nov 2017 09:23:00 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10166?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16272985#comment-16272985
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10166:
---------------------------------------------

khos2ow closed pull request #2347: CLOUDSTACK-10166: Get accountId and domainId 
from VPC when tagging a NetworkACL as a user
URL: https://github.com/apache/cloudstack/pull/2347
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/server/src/com/cloud/tags/TaggedResourceManagerImpl.java 
b/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
index 08ed3dd1f71..c7170e302b4 100644
--- a/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
+++ b/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
@@ -24,9 +24,6 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
-import com.cloud.storage.SnapshotPolicyVO;
-import com.cloud.user.dao.AccountDao;
-import com.cloud.utils.exception.CloudRuntimeException;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 import org.apache.cloudstack.context.CallContext;
@@ -54,8 +51,8 @@
 import com.cloud.network.dao.Site2SiteVpnGatewayVO;
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.PortForwardingRuleVO;
-import com.cloud.network.security.SecurityGroupVO;
 import com.cloud.network.security.SecurityGroupRuleVO;
+import com.cloud.network.security.SecurityGroupVO;
 import com.cloud.network.vpc.NetworkACLItemVO;
 import com.cloud.network.vpc.NetworkACLVO;
 import com.cloud.network.vpc.StaticRouteVO;
@@ -66,6 +63,7 @@
 import com.cloud.server.TaggedResourceService;
 import com.cloud.service.ServiceOfferingVO;
 import com.cloud.storage.DiskOfferingVO;
+import com.cloud.storage.SnapshotPolicyVO;
 import com.cloud.storage.SnapshotVO;
 import com.cloud.storage.VMTemplateVO;
 import com.cloud.storage.VolumeVO;
@@ -75,6 +73,7 @@
 import com.cloud.user.DomainManager;
 import com.cloud.user.OwnedBy;
 import com.cloud.user.UserVO;
+import com.cloud.user.dao.AccountDao;
 import com.cloud.utils.Pair;
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.db.DB;
@@ -84,6 +83,7 @@
 import com.cloud.utils.db.Transaction;
 import com.cloud.utils.db.TransactionCallbackNoReturn;
 import com.cloud.utils.db.TransactionStatus;
+import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.vm.NicVO;
 import com.cloud.vm.UserVmVO;
 import com.cloud.vm.snapshot.VMSnapshotVO;
@@ -143,7 +143,6 @@
     @Inject
     AccountDao _accountDao;
 
-
     @Override
     public boolean configure(String name, Map<String, Object> params) throws 
ConfigurationException {
         return true;
@@ -192,6 +191,20 @@ public long getResourceId(String resourceId, 
ResourceObjectType resourceType) {
             domainId = ((SecurityGroupVO)SecurityGroup).getDomainId();
         }
 
+        // if the resource type is network acl, get the accountId and domainId 
from VPC following: NetworkACLItem -> NetworkACL -> VPC
+        if (resourceType == ResourceObjectType.NetworkACL) {
+            NetworkACLItemVO aclItem = (NetworkACLItemVO)entity;
+            Object networkACL = 
_entityMgr.findById(s_typeMap.get(ResourceObjectType.NetworkACLList), 
aclItem.getAclId());
+            Long vpcId = ((NetworkACLVO)networkACL).getVpcId();
+
+            if (vpcId != null && vpcId != 0) {
+                Object vpc = 
_entityMgr.findById(s_typeMap.get(ResourceObjectType.Vpc), vpcId);
+
+                accountId = ((VpcVO)vpc).getAccountId();
+                domainId = ((VpcVO)vpc).getDomainId();
+            }
+        }
+
         if (entity instanceof OwnedBy) {
             accountId = ((OwnedBy)entity).getAccountId();
         }
@@ -204,8 +217,7 @@ public long getResourceId(String resourceId, 
ResourceObjectType resourceType) {
             accountId = Account.ACCOUNT_ID_SYSTEM;
         }
 
-        if ((domainId == null) || ((accountId != null) && 
(domainId.longValue() == -1)))
-        {
+        if ((domainId == null) || ((accountId != null) && 
(domainId.longValue() == -1))) {
             domainId = _accountDao.getDomainIdForGivenAccountId(accountId);
         }
         return new Pair<Long, Long>(accountId, domainId);
@@ -235,7 +247,7 @@ public ResourceObjectType getResourceType(String 
resourceTypeStr) {
             public void doInTransactionWithoutResult(TransactionStatus status) 
{
                 for (String key : tags.keySet()) {
                     for (String resourceId : resourceIds) {
-                        if (!resourceType.resourceTagsSupport())  {
+                        if (!resourceType.resourceTagsSupport()) {
                             throw new InvalidParameterValueException("The 
resource type " + resourceType + " doesn't support resource tags");
                         }
 
@@ -246,9 +258,8 @@ public void doInTransactionWithoutResult(TransactionStatus 
status) {
                         Long domainId = accountDomainPair.second();
                         Long accountId = accountDomainPair.first();
 
-                        if ((domainId != null) && (domainId == -1))
-                        {
-                           throw new CloudRuntimeException("Invalid DomainId : 
-1");
+                        if ((domainId != null) && (domainId == -1)) {
+                            throw new CloudRuntimeException("Invalid DomainId 
: -1");
                         }
                         if (accountId != null) {
                             _accountMgr.checkAccess(caller, null, false, 
_accountMgr.getAccount(accountId));
@@ -287,10 +298,10 @@ public String getUuid(String resourceId, 
ResourceObjectType resourceType) {
         Object entity = _entityMgr.findById(clazz, resourceId);
         if (entity != null && entity instanceof Identity) {
             return ((Identity)entity).getUuid();
-       }
+        }
 
-           return resourceId;
-       }
+        return resourceId;
+    }
 
     @Override
     @DB


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Cannot add a tag to a NetworkACL (rule not list) in CS with a user in a 
> project or in an account
> ------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-10166
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10166
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>    Affects Versions: 4.10.0.0
>            Reporter: Khosrow Moossavi
>            Priority: Minor
>             Fix For: Future
>
>
> From cloudmonkey with non-root credentials
> {code:none}
> > create tags resourcetype=NetworkACL resourceids=SOME_ACL_RULE_ID 
> > tags[0].key=tag-key tags[0].value=tag-value
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to